wolf-crypto 0.1.0-alpha.3

Safe and thin API for wolfSSL's wolfcrypt
Documentation

Table of Contents

  1. wolf-crypto
  2. Current Priorities
  3. License
  4. Notes
  5. Roadmap [0/5]
    1. Hashing [4/6]
      1. SHA2 [6/6]
      2. SHA3 [5/5]
      3. SHA [0/1]
      4. RIPEMD-160 [1/1]
      5. MD [2/2]
      6. BLAKE2 [1/2]
    2. AEAD [1/5]
      1. AES-GCM [3/3]
      2. ChaCha20-Poly1305 [0/2]
      3. AES-CCM [0/3]
      4. AES-EAX [0/3]
      5. AES-SIV [0/3]
    3. Symmetric Encryption [0/3]
      1. AES [1/4]
      2. ChaCha20 [0/2]
      3. 3DES [0/1]
    4. MAC [0/2]
      1. HMAC [0/9]
      2. Poly1305 [0/1]
    5. Writing the Remaining Sections (asymmetric, password, padding, etc)

WARNING - THIS LIBRARY IS IN ITS EARLY STAGES, IT IS NOT READY FOR PRODUCTION USE, USE AT YOUR OWN RISK.

wolf-crypto

This library seeks to provide a safe, zero-cost, API for wolfcrypt by wolfSSL. It is in its very early stages, some feature flags are misleading, for instance allow-non-fips implies that when disabled only FIPS 140-3 certified cryptography is used. This is not currently the case due to the associated wolf-crypto-sys not currently leveraging the FIPS-MODE feature. This feature will eventually be enabled, as it was my original reason for beginning to work on this, though the library as previously mentioned is incredibly immature.

Currently, the hash module is the most tested segment of this codebase, outside of this module and the aes module I personally would not be comfortable using anything in a general purpose application (not any of my professional work in security).

Current Priorities

  • Focus on implementing and stabilizing the core FIPS 140-3 compatible algorithms.
  • Improve test coverage in hashing, symmetric encryption, and AEAD modules.
  • Incrementally implement and test asymmetric cryptographic functions (RSA, ECDSA, ECDH).
  • Enable FIPS-MODE support in wolf-crypto-sys to align with the FIPS compliance goals.

License

This library is under GPLv2 licensing unless you purchased a commercial license from wolfSSL.

Notes

  • Affiliation: I am not affiliated with wolfSSL, I just enjoy security and have appreciation for their work.
  • Why is this named wolf-crypto and not wolfcrypt: I did not want to take the official name by wolfSSL.

TODO Roadmap [0/5]

TODO Hashing [4/6]

DONE SHA2 [6/6]

  1. DONE SHA-224

  2. DONE SHA-256

  3. DONE SHA-384

  4. DONE SHA-512

  5. DONE SHA-512/224

  6. DONE SHA-512/256

DONE SHA3 [5/5]

  1. DONE SHA3-224

  2. DONE SHA3-256

  3. DONE SHA3-384

  4. DONE SHA3-512

  5. DONE SHAKE [2/2]

    1. DONE SHAKE128

    2. DONE SHAKE256

TODO SHA [0/1]

DONE RIPEMD-160 [1/1]

DONE MD [2/2]

  1. DONE MD5

  2. DONE MD4

TODO BLAKE2 [1/2]

  1. DONE BLAKE2b

  2. TODO BLAKE2s

TODO AEAD [1/5]

DONE AES-GCM [3/3]

  1. DONE 256

  2. DONE 192

  3. DONE 128

TODO ChaCha20-Poly1305 [0/2]

  1. TODO 256

  2. TODO 128

TODO AES-CCM [0/3]

  1. DONE 256

  2. DONE 192

  3. DONE 128

TODO AES-EAX [0/3]

  1. TODO 256

  2. TODO 192

  3. TODO 128

TODO AES-SIV [0/3]

  1. TODO 256

  2. TODO 192

  3. TODO 128

TODO Symmetric Encryption [0/3]

TODO AES [1/4]

  1. DONE CTR [3/3]

    1. DONE 256

    2. DONE 192

    3. DONE 128

  2. TODO CBC [0/3]

    1. TODO 256

    2. TODO 192

    3. TODO 128

  3. TODO XTS [0/2]

    1. TODO 256

    2. TODO 128

  4. TODO CFB [0/3]

    1. TODO 256

    2. TODO 192

    3. TODO 128

TODO ChaCha20 [0/2]

  1. TODO 256

  2. TODO 128

TODO 3DES [0/1]

  1. TODO 168

TODO MAC [0/2]

TODO HMAC [0/9]

  1. TODO SHA-256

  2. TODO SHA-384

  3. TODO SHA-512

  4. TODO SHA3-224

  5. TODO SHA3-256

  6. TODO SHA3-384

  7. TODO SHA3-512

  8. TODO SHA

  9. TODO MD5

TODO Poly1305 [0/1]

TODO Writing the Remaining Sections (asymmetric, password, padding, etc)